From 22094368c2865dcfb6daf8366425212b721a4657 Mon Sep 17 00:00:00 2001
From: matthew_swift <matthew_swift@localhost>
Date: Thu, 05 Feb 2009 17:42:14 +0000
Subject: [PATCH] Merge ASN1 branch to trunk
---
opends/src/server/org/opends/server/controls/ProxiedAuthV2Control.java | 237 ++++++++++++++++++++++++-----------------------------------
1 files changed, 97 insertions(+), 140 deletions(-)
diff --git a/opends/src/server/org/opends/server/controls/ProxiedAuthV2Control.java b/opends/src/server/org/opends/server/controls/ProxiedAuthV2Control.java
index 197f6bf..d5f576d 100644
--- a/opends/src/server/org/opends/server/controls/ProxiedAuthV2Control.java
+++ b/opends/src/server/org/opends/server/controls/ProxiedAuthV2Control.java
@@ -30,29 +30,20 @@
import java.util.concurrent.locks.Lock;
+import java.io.IOException;
import org.opends.server.api.IdentityMapper;
import org.opends.server.core.DirectoryServer;
import org.opends.server.core.PasswordPolicyState;
-import org.opends.server.protocols.asn1.ASN1Exception;
-import org.opends.server.protocols.asn1.ASN1OctetString;
-import org.opends.server.protocols.ldap.LDAPResultCode;
-import org.opends.server.types.Control;
-import org.opends.server.types.DirectoryException;
-import org.opends.server.types.DN;
-import org.opends.server.types.Entry;
-import org.opends.server.types.LDAPException;
-import org.opends.server.types.LockManager;
-import org.opends.server.types.ResultCode;
-
+import org.opends.server.protocols.asn1.*;
import static org.opends.server.loggers.debug.DebugLogger.*;
import org.opends.server.loggers.debug.DebugTracer;
-import org.opends.server.types.DebugLogLevel;
+import org.opends.server.types.*;
+
import static org.opends.messages.ProtocolMessages.*;
import static org.opends.server.util.ServerConstants.*;
import static org.opends.server.util.StaticUtils.*;
-import static org.opends.server.util.Validator.*;
-
+import static org.opends.server.util.Validator.ensureNotNull;
/**
@@ -67,6 +58,74 @@
extends Control
{
/**
+ * ControlDecoder implentation to decode this control from a ByteString.
+ */
+ private static final class Decoder
+ implements ControlDecoder<ProxiedAuthV2Control>
+ {
+ /**
+ * {@inheritDoc}
+ */
+ public ProxiedAuthV2Control decode(boolean isCritical, ByteString value)
+ throws DirectoryException
+ {
+ if (!isCritical)
+ {
+ Message message = ERR_PROXYAUTH2_CONTROL_NOT_CRITICAL.get();
+ throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message);
+ }
+
+ if (value == null)
+ {
+ Message message = ERR_PROXYAUTH2_NO_CONTROL_VALUE.get();
+ throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message);
+ }
+
+ ASN1Reader reader = ASN1.getReader(value);
+ ByteString authorizationID;
+ try
+ {
+ // Try the legacy encoding where the value is wrapped by an
+ // extra octet string
+ authorizationID = reader.readOctetString();
+ }
+ catch (Exception e)
+ {
+ // Try just getting the value.
+ authorizationID = value;
+ String lowerAuthZIDStr = toLowerCase(authorizationID.toString());
+ if (!lowerAuthZIDStr.startsWith("dn:") &&
+ !lowerAuthZIDStr.startsWith("u:"))
+ {
+ if (debugEnabled())
+ {
+ TRACER.debugCaught(DebugLogLevel.ERROR, e);
+ }
+
+ Message message =
+ ERR_PROXYAUTH2_CANNOT_DECODE_VALUE.get(getExceptionMessage(e));
+ throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message,
+ e);
+ }
+ }
+
+ return new ProxiedAuthV2Control(isCritical, authorizationID);
+ }
+
+ public String getOID()
+ {
+ return OID_PROXIED_AUTH_V2;
+ }
+
+ }
+
+ /**
+ * The Control Decoder that can be used to decode this control.
+ */
+ public static final ControlDecoder<ProxiedAuthV2Control> DECODER =
+ new Decoder();
+
+ /**
* The tracer object for the debug logger.
*/
private static final DebugTracer TRACER = getTracer();
@@ -75,7 +134,7 @@
// The authorization ID from the control value.
- private ASN1OctetString authorizationID;
+ private ByteString authorizationID;
@@ -85,13 +144,9 @@
*
* @param authorizationID The authorization ID from the control value.
*/
- public ProxiedAuthV2Control(ASN1OctetString authorizationID)
+ public ProxiedAuthV2Control(ByteString authorizationID)
{
- super(OID_PROXIED_AUTH_V2, true, authorizationID);
-
-
- ensureNotNull(authorizationID);
- this.authorizationID = authorizationID;
+ this(true, authorizationID);
}
@@ -100,17 +155,16 @@
* Creates a new instance of the proxied authorization v2 control with the
* provided information.
*
- * @param oid The OID to use for this control.
* @param isCritical Indicates whether support for this control
* should be considered a critical part of the
* server processing.
* @param authorizationID The authorization ID from the control value.
*/
- private ProxiedAuthV2Control(String oid, boolean isCritical,
- ASN1OctetString authorizationID)
+ public ProxiedAuthV2Control(boolean isCritical, ByteString authorizationID)
{
- super(oid, isCritical, authorizationID);
+ super(OID_PROXIED_AUTH_V2, isCritical);
+ ensureNotNull(authorizationID);
this.authorizationID = authorizationID;
}
@@ -118,76 +172,15 @@
/**
- * Creates a new proxied authorization v2 control from the contents of the
- * provided control.
+ * Writes this control's value to an ASN.1 writer. The value (if any) must be
+ * written as an ASN1OctetString.
*
- * @param control The generic control containing the information to use to
- * create this proxied authorization v2 control. It must not
- * be {@code null}.
- *
- * @return The proxied authorization v2 control decoded from the provided
- * control.
- *
- * @throws LDAPException If this control cannot be decoded as a valid
- * proxied authorization v2 control.
+ * @param writer The ASN.1 writer to use.
+ * @throws IOException If a problem occurs while writing to the stream.
*/
- public static ProxiedAuthV2Control decodeControl(Control control)
- throws LDAPException
- {
- ensureNotNull(control);
-
- if (! control.isCritical())
- {
- Message message = ERR_PROXYAUTH2_CONTROL_NOT_CRITICAL.get();
- throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, message);
- }
-
- if (! control.hasValue())
- {
- Message message = ERR_PROXYAUTH2_NO_CONTROL_VALUE.get();
- throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, message);
- }
-
- ASN1OctetString authorizationID;
- try
- {
- authorizationID =
- ASN1OctetString.decodeAsOctetString(control.getValue().value());
- }
- catch (ASN1Exception ae)
- {
- String lowerAuthZIDStr = toLowerCase(control.getValue().stringValue());
- if (lowerAuthZIDStr.startsWith("dn:") || lowerAuthZIDStr.startsWith("u:"))
- {
- authorizationID = control.getValue();
- }
- else
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, ae);
- }
-
- Message message =
- ERR_PROXYAUTH2_CANNOT_DECODE_VALUE.get(getExceptionMessage(ae));
- throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, message,
- ae);
- }
- }
- catch (Exception e)
- {
- if (debugEnabled())
- {
- TRACER.debugCaught(DebugLogLevel.ERROR, e);
- }
-
- Message message =
- ERR_PROXYAUTH2_CANNOT_DECODE_VALUE.get(getExceptionMessage(e));
- throw new LDAPException(LDAPResultCode.PROTOCOL_ERROR, message, e);
- }
-
- return new ProxiedAuthV2Control(control.getOID(), control.isCritical(),
- authorizationID);
+ @Override
+ protected void writeValue(ASN1Writer writer) throws IOException {
+ writer.writeOctetString(authorizationID);
}
@@ -197,7 +190,7 @@
*
* @return The authorization ID for this proxied authorization V2 control.
*/
- public ASN1OctetString getAuthorizationID()
+ public ByteString getAuthorizationID()
{
return authorizationID;
}
@@ -205,28 +198,6 @@
/**
- * Specifies the authorization ID for this proxied authorization V2 control.
- *
- * @param authorizationID The authorization ID for this proxied
- * authorization V2 control.
- */
- public void setAuthorizationID(ASN1OctetString authorizationID)
- {
- if (authorizationID == null)
- {
- this.authorizationID = new ASN1OctetString();
- setValue(this.authorizationID);
- }
- else
- {
- this.authorizationID = authorizationID;
- setValue(authorizationID);
- }
- }
-
-
-
- /**
* Retrieves the authorization entry for this proxied authorization V2
* control. It will also perform any necessary password policy checks to
* ensure that the associated user account is suitable for use in performing
@@ -244,7 +215,7 @@
throws DirectoryException
{
// Check for a zero-length value, which would be for an anonymous user.
- if (authorizationID.value().length == 0)
+ if (authorizationID.length() == 0)
{
return null;
}
@@ -252,13 +223,12 @@
// Get a lowercase string representation. It must start with either "dn:"
// or "u:".
- String authzID = authorizationID.stringValue();
- String lowerAuthzID = toLowerCase(authzID);
+ String lowerAuthzID = toLowerCase(authorizationID.toString());
if (lowerAuthzID.startsWith("dn:"))
{
// It's a DN, so decode it and see if it exists. If it's the null DN,
// then just assume that it does.
- DN authzDN = DN.decode(authzID.substring(3));
+ DN authzDN = DN.decode(lowerAuthzID.substring(3));
if (authzDN.isNullDN())
{
return null;
@@ -297,7 +267,7 @@
if (userEntry == null)
{
// The requested user does not exist.
- Message message = ERR_PROXYAUTH2_NO_SUCH_USER.get(authzID);
+ Message message = ERR_PROXYAUTH2_NO_SUCH_USER.get(lowerAuthzID);
throw new DirectoryException(ResultCode.AUTHORIZATION_DENIED,
message);
}
@@ -339,7 +309,7 @@
// Use the proxied authorization identity mapper to resolve the username
// to an entry.
- IdentityMapper proxyMapper =
+ IdentityMapper<?> proxyMapper =
DirectoryServer.getProxiedAuthorizationIdentityMapper();
if (proxyMapper == null)
{
@@ -347,10 +317,10 @@
throw new DirectoryException(ResultCode.AUTHORIZATION_DENIED, message);
}
- Entry userEntry = proxyMapper.getEntryForID(authzID.substring(2));
+ Entry userEntry = proxyMapper.getEntryForID(lowerAuthzID.substring(2));
if (userEntry == null)
{
- Message message = ERR_PROXYAUTH2_NO_SUCH_USER.get(authzID);
+ Message message = ERR_PROXYAUTH2_NO_SUCH_USER.get(lowerAuthzID);
throw new DirectoryException(ResultCode.AUTHORIZATION_DENIED, message);
}
else
@@ -376,7 +346,7 @@
}
else
{
- Message message = ERR_PROXYAUTH2_INVALID_AUTHZID.get(authzID);
+ Message message = ERR_PROXYAUTH2_INVALID_AUTHZID.get(lowerAuthzID);
throw new DirectoryException(ResultCode.PROTOCOL_ERROR, message);
}
}
@@ -384,29 +354,16 @@
/**
- * Retrieves a string representation of this proxied auth v2 control.
- *
- * @return A string representation of this proxied auth v2 control.
- */
- public String toString()
- {
- StringBuilder buffer = new StringBuilder();
- toString(buffer);
- return buffer.toString();
- }
-
-
-
- /**
* Appends a string representation of this proxied auth v2 control to the
* provided buffer.
*
* @param buffer The buffer to which the information should be appended.
*/
+ @Override
public void toString(StringBuilder buffer)
{
buffer.append("ProxiedAuthorizationV2Control(authzID=\"");
- authorizationID.toString(buffer);
+ buffer.append(authorizationID);
buffer.append("\")");
}
}
--
Gitblit v1.10.0